In my initial post on the US being in a cyberwar with Russia, on 26 July 2016, I wrote (emphasis mine):

One of the real concerns going forward, apart from embarrassing email chains with personally identifying information (PII) being posted on Wikileaks, is not just that Russian Intelligence can get in and look around and take information out of these systems in the US, but what happens if they decide to mess with what’s there? Voter registration information, voter donation information, electoral results, and more are all stored electronically. The next attack may not be interested in embarrassing staffers and causing a few days of reporting about what they wrote. Rather it might seek to remove voters from the rolls or change the reported results of an election in specific locations before they can be reported. And since our system is decentralized, securing all of it is going to be difficult and expensive.

The Senate Intelligence Committee on Tuesday released the unclassified version of its investigation into Russian cyberattacks on digital U.S. voting systems ahead of the 2016 presidential election.

The report finds that Moscow conducted an “unprecedented, coordinated cyber campaign” against the nation’s voting infrastructure. Through its investigation, the committee found that Russia-linked hackers were in a position to “alter or delete voter registration data” in a small number of states before the 2016 vote.

“In a small number of states, Russian-affiliated cyber actors were able to gain access to restricted elements of election infrastructure,” the report states. “In a small number of states, these cyber actors were in a position to, at a minimum, alter or delete voter registration data; however, they did not appear to be in a position to manipulate individual votes or aggregate vote totals.”

“The Committee saw no evidence that votes were changed and found that, on balance, the diversity of our voting infrastructure is a strength,” the report says. “However, the Committee notes that a small number of districts in key states can have a significant impact in a national election.”

Going forward all US election systems – voter registrations, voter rolls, recording of the actual vote, etc – must all be air gapped. They have to be either set up or backed up in such a way that the master information is only accessible via a secured or classified network – not the every day unclassified Internet. Additionally, every vote cast should be pen and paper. And non-partisan observers should be present during all voting and tallying and reporting of the vote totals. And all three of these activities should also be filmed so there is a record of voting, tallying, and reporting. Finally, there should be secured paper backups of everything. If we do these simple things we can safeguard and protect the integrity of our election systems and have faith in the outcome of our elections. Or we can have more 2016s.

Update at 11:30 PM EDT

Here’s the link to the Senate Select Committee on Intelligence unclassified report.

1) what you suggest costs money that Republicans refuse to spend.
2) what you suggest encourages better voter turnout that Republicans don’t want to see.
3) what you suggest requires leadership that Republicans never have.

My (CA) county is shifting to 100% mail paper ballots beginning with the June primary. I know we’re not the sort of place that’s “getable” for targeted voter fraud but suburban congressional seats can turn on a mere few hundred votes so better safe than sorry. I’m sure Kansas will be up next.

@PaulWartenberg: It’s not even that Republicans are unwilling to spend the money and energy to prevent this sort of vote tampering, this is of a piece with Republicans’ strategy of vote tampering that goes back decades.

Which voting machines can be hacked from anywhere in the world, through the Internet?
Which voting machines have other safeguards, so we can audit or recount the election to get the correct result even if the machine is hacked?
The answers, in summary:

Older machines (Shouptronic, AVC Advantage, AccuVote OS, Optech-III Eagle) can be hacked by anyone with physical access; newer machines (almost anything else in use today) can be hacked by anyone with physical access, and are vulnerable to attacks from the Internet.
Optical scan machines, even though they can be hacked, allow audits and recounts of the paper ballots marked by the voters. This is a very important safeguard. Paperless touchscreen machines have no such protection. “DRE with VVPAT” machines, i.e. touchscreens that print on paper (that the voter can inspect under glass while casting the ballot) are “in between” regarding this safeguard.

The most widely used machine that fails #1 and #2 is the AccuVote TS, used throughout the state of Georgia, and in some counties in other states.

To hack a voting machine remotely, you might think it has to be plugged in to the Internet. Most voting machines are never plugged directly into the Internet. But all voting machines must accept electronic input files from other computers: these “ballot definition files” tell the vote-counting program which candidates are on the ballot. These files are transferred to the voting machine, before each election, by inserting a cartridge or memory card into the voting machine. These cartridges are prepared on an Election Management System (EMS) computer. If that computer is hacked, then it can prepare fraudulent ballot-definition cartridges. Are those EMS computers ever connected to the Internet? Most of them probably are, from time to time; it’s hard to tell for sure, given the equivocations of many election administrators.

The ballot definition is (supposed to be) just data, not a computer program. So how could it convey and install a new (fraudulent) vote-counting program onto the voting machine?

Voting machines designed in the 1980s (Shouptronic, AVC Advantage, AccuVote OS, Optech-III Eagle) store their programs in EPROM (Erasable Programmable Read-Only Memory). To install a new program, you need to remove the EPROM chips from the motherboard and install new ones. (Then you can reprogram and reuse the old ones using an EPROM “burner” device.) Those machines are not likely hackable through the Internet, even indirectly via corrupted EMS computers. (What if the EMS sends fraudulent ballot definition cartridges? This should be detectable through pre-election Logic and Accuracy testing, if it’s thorough. And in some cases it can be detected/corrected even after the election.)

Voting machines designed in the 1990s and 2000s took advantage of a new nonvolatile storage technology that we now take for granted: flash memory. They don’t use EPROMs to store the vote-counting program, it’s kept in flash. That flash memory is writable (reprogrammable) from inside the voting computer.

A US senator is holding the nation’s biggest voting machine maker to account following a recent article that reported it has sold equipment that was pre-installed with remote-access software and has advised government customers to install the software on machines that didn’t already have it pre-installed.

Use of remote-access software in e-voting systems was reported last month by The New York Times Magazine in an article headlined “The Myth of the Hacker-Proof Voting Machine.” The article challenged the oft-repeated assurance that voting machines are generally secured against malicious tampering because they’re not connected to the Internet.

Exhibit A in the case built by freelance reporter Kim Zetter was an election-management computer used in 2011 by Pennsylvania’s Venango County. After voting machines the county bought from Election Systems & Software were suspected of “flipping” votes―meaning screens showed a different vote than the one selected by the voter―officials asked a computer scientist to examine the systems. The scientist ultimately concluded the flipping was the result of a simple calibration error, but during the analysis he found something much more alarming―remote-access software that allowed anyone with the correct password to remotely control the system.

Zetter unearthed a 2006 contract with the state of Michigan and a report from Pennsylvania’s Allegheny County that same year that both showed ES&S employees using a remote-access application called pcAnywhere to remotely administer equipment it sold.

However, they did not appear to be in a position to manipulate individual votes or aggregate vote totals.

This is mealy-mouthed language for a matter this important. “They did not appear to be in a position.” What the heck is that supposed to mean? Shouldn’t the Senate committee investigate this? Maybe they could do an audit in Senator Burr’s state of NC for openers.

@Adam L Silverman: But the results at the lowest level can be added up. And then compared with the alleged totaled. No one has made that argument yet. And it shouldn’t come from a blog that is speculating.

If this was any other adminstration, I’d be more confident that what you listed to combat the situation and ensure stability in the future, would be done, but we all know Chump ain’t doing shit unless it’s something Obama did first so he can dismantle it…smh

WA state voters also vote by mail-in ballot. No long lines and broken voting machines — all the sneaky tricks used by the cheating GOP. It is cruel and sadistic to force voters to stand in line for hours — and then toss out their votes for bogus reasons.

A US senator is holding the nation’s biggest voting machine maker to account following a recent article that reported it has sold equipment that was pre-installed with remote-access software and has advised government customers to install the software on machines that didn’t already have it pre-installed.

Use of remote-access software in e-voting systems was reported last month by The New York Times Magazine in an article headlined “The Myth of the Hacker-Proof Voting Machine.” The article challenged the oft-repeated assurance that voting machines are generally secured against malicious tampering because they’re not connected to the Internet.

Exhibit A in the case built by freelance reporter Kim Zetter was an election-management computer used in 2011 by Pennsylvania’s Venango County. After voting machines the county bought from Election Systems & Software were suspected of “flipping” votes―meaning screens showed a different vote than the one selected by the voter―officials asked a computer scientist to examine the systems. The scientist ultimately concluded the flipping was the result of a simple calibration error, but during the analysis he found something much more alarming―remote-access software that allowed anyone with the correct password to remotely control the system.

Zetter unearthed a 2006 contract with the state of Michigan and a report from Pennsylvania’s Allegheny County that same year that both showed ES&S employees using a remote-access application called pcAnywhere to remotely administer equipment it sold.

@Omnes Omnibus: When have you ever seen me advocate giving up? We have a problem. The fixes to it aren’t all that hard. All it takes is replacing elected officials who are willing to make them and some commitment to holding their feet to the fire to do so, so to speak.

I remember thinking at the time of the first post that the Russians didn’t need to hack every system in the country. Given our electoral system they just needed to target some critical ones in the swing states. As it turns out, they were able to target the voters via facebook and twitter, which in retrospect helped clarify to me Bannon’s pre-election comment about suppressing the dem vote. Now that we know the Russians had a backup plan in place, it shows how well planned and coordinated this operation was and how depressingly timid our response has been.

@Omnes Omnibus: I don’t know if you remember this article I posted in December 2016 about Russian traffic on small town municipal websites in Wisconsin.

According to City of Ashland Cyber Security Consultant Eric Ellason and Bayfield County Director of Information Technology Paul Houck, both municipalities have seen an unusual amount of traffic coming to their sites from Russia.
…
“With all of the talk about Russian involvement in the elections, it prompted me to go and look at the traffic recorded at the city’s website,” he said,

That curiosity about what kind of traffic the city’s website was getting from Russia and other eastern European countries led to an unexpected result.

“On most websites you are always going to get a little bit of traffic there, and every day there is always somebody looking for a security issue, so you are always going to see a baseline of traffic that is always a little suspect. Most of the time they don’t find anything, they are just trolling for security flaws,” Ellason said. “When I separated out just Russian traffic, there was a huge spike from about March 15 of this year.”

Looking back further, Ellason said he could find no other comparable traffic spike from Russia.

“That spike was probably 20 to 30 times greater than any other spike in Russian traffic to the city’s website,” he said. “It has been pretty much sustained from March on, all the way through the election period.”

Ellason said the spike appears to be made up of 20 to 30 different users each day. He said the spike has continued even after the election.

In this particular situation voter rolls weren’t on the websites these people were managing (another example is in the article), but in other towns who knows.

And non-partisan observers should be present during all voting and tallying and reporting of the vote totals.

For the 2016 election, LA County set up webcams so you could actually watch County employers verifying ballots (we use Inkavote aka Scantron ballots). It was not riveting TV, but I appreciated that it was there and peeked in a few times.

LA is basically going to set up “voting centers” instead of polling places that will be open for the 11 days prior to each election and on Election Day. You will also be able to drop off your mail-in ballot.

This is far preferable to the current system where you have to drive out to friggin’ Norwalk to early vote.

Today what we’re hoping to do is – there have been discussions between that day to now, and we’ve continued to develop both administratively and sort of begin to put some outlines around the substance of the agenda for the summit between the President and Chairman Un [emphasis mine]. And today we’re hoping to nail some of those down to say – to put in place a framework for a successful summit between the two presidents.

Have been saying this for quite a while (including here): keep an eye on Venezuela. Dolt 45 administration inflating the vituperation.

The Trump administration called on Latin American and Caribbean nations Monday to take bold moves against Venezuela that will make allies squirm, including kicking the crisis-ridden country out of the region’s main diplomatic body and launching money-laundering probes of Venezuelan officials in their countries.

Vice President Mike Pence delivered the challenge during a speech to ambassadors of more than 30 nations at a special meeting of the Organization of American States, the United Nations-like organization for the Western Hemisphere.

The message marks a turning point for the Trump administration, which has been careful not to dictate actions against the government of President Nicolás Maduro and instead encourage them to do what they can. But on Monday, Pence ratcheted up the language, making specific requests and charging that it was time to do more to help the Venezuelan people.
[snip]
[Venezuelan President Moncada] called Trump and Pence racists and hypocrites and encouraged reporters to recall Trump’s reading during the campaign of an anti-immigrant poem called the “Snake,” about a reptile who bites a woman after she takes it in to care for it.

Moncada also charged that the U.S. had committed “international crimes” and blasted Pence for he said was using using “God’s name” in a speech to justify trying to overthrow a sovereign government. Latin American leaders are particularly sensitive to U.S.-backed regime change in the region.
[snip]
“It’s a racist insult to millions of people,” Moncada told reporters after Pence spoke. “Do you not see that you have a racist president? The emperor is naked. The president is racist. He’s insulting the whole world.” Source

Will Venezuela now suffer the fate of being used as an ‘example’ for Iran of U.S. foreign policy, and possibly martial, muscle?

Some people refuse to believe that a confluence of pretty much unheard of small events could lead to the result we got, but it did.
I know you don’t like LGM, but Lemieux has had an excellent handle on this for months.

@Omnes Omnibus: I didn’t say they were fixed. I said, back in July 2016, that my worry is that they could be fixed. The Senate Intel report today backs up that concern. You then asked for sources/citations showing that voting machines could be hacked via the Internet. I provided it. That doesn’t mean they were. It just means they can be. Which is why I included them in my recommendations for fixing the problem/potential problem.

@Adam L Silverman:
Holding their feet to fire…… hmmmmm, this sounds like a promising start.
Maybe some other body part, one desired by almost everyone to be in useable condition. Hmmmmm, I am getting an idea here on how to make politicians better behave themselves.

@tobie: It is not mealy mouthed to say “Appears” if that is the best current information.
It is hard to definitively rule out certain tampering. E.g. replace the log files with versions lacking certain lines.

It would be odd if hackers cleaned logs of data manipulation, but were sloppy enough to leave logs of basic access. But possible.

This report tells us that hackers (Russian? paid by…?) could have changed the results of the election indirectly, by changing the voters who could participate. Added to the many instances of Jim Crow policy that were done in plain sight by GOP state and local officials, well, I’m not seeing evidence that this last election wasn’t fixed. I want to be comforted too but the clear meaning of this report is that precincts and cities, perhaps states, may have been rigged and we will never know it.

If you mean ‘changed votes’, you have to recognize that it’s not important to change votes inside the machine. That’s risky and likely to get caught, compared to changing the demographics of register voters.

If hackers were in a position to take every 3rd Garcia off voter rolls in Maricopa Co, AZ–that right there may have determined the outcome.

What about every 6th voter with [LASTNAME]=*ez in Michigan? How about ALL[FIRSTNAME]=DeAndr* in Milwaukee?

‘Voter registration deletion’ or alteration in states that require a photo ID verifying address may have determined the election. Is the IC report intending to reveal which states were subject to this potential tampering?

@Omnes Omnibus: I just went back and reread the post up top. I didn’t mention voting machines in it at all. So I really don’t know where you fixed on that as part of either what I was worried about or what I think needs to be done to fix the problem.

@MobiusKlein:
The russians don’t seem to be all that concerned about being caught, they leave a fairly visible trail, if one is looking at all. Almost like they want to be caught. Because that might show that the west, especially the US is incapable of actual free elections. Also if they screwed with places that might very well have favored drumpf in the first place, how many of those are willing to have secure and reasonable voting in the first place? And how many of them refused to look at the results as anything but pure?

@Adam L Silverman: Didn’t find the answers I was looking for there, but it will be interesting to see what will be done with the recommendations. I anticipate not much from the White House. However, it’s heartening to see that states have been accepting any help that has been offered thus far.

@Omnes Omnibus: I don’t know the area. I just read the article at the time and it stayed with me because of the small town nature of it. People may think smaller towns and cities were not involved, but this article shows they were. I wonder in how many other small towns and cities across the country this sort of thing also happened.

Ok…OT a bit…but just had to say, I’m supposed to be going to bed, but nope…I’ve been watching Black Panther on digital video….and now I’m caught up in the bonus features!

I swear to ya’ll I’ve been watching the digital video like it’s the frist time…and even on my flat screen same feels as in the theatre…digital copy came out today, and the hard copy DVD/Blu Ray comes out on the 14th I think

@Mnemosyne: The California Voters’ Choice Act. Sacramento County and a few others have opted in. I did a screencast on it for my instructional design class last semester, and it’s pretty cool. You can mail in your ballot, use a county drop box, or go to any county polling station–not tied to precinct any more–and drop off your ballot there. Or vote on the day of.

@lamh36: if I may be pedantic (and just try to stop me!), it’s “y’all” not “ya’ll” as it is a contraction of “you all”. You’re in good company, though—John Grisham makes the same mistake and apparently his editors are either Yankees or are afraid of him.

@Omnes Omnibus: …how would removing voters from the database be reflected in audits? Of what machines? Change a database, change the ‘last opened’ tag, and get out. I could do it, and I SELL software, I don’t CODE software.

Thanks for gathering this voting information for everyone. I’ve seen similar information in trade publications as long ago as the early 2000s. And I ask myself, why this urge to computerize something as simple as voting on ballots and counting them…?!!

When I was a kid, we helped at the newspaper, which did it’s own totalizing as precincts reported counts into the courthouse, reporters at the courthouse called those subtotals into the newsroom, and we used old fashioned adding machines to generate bigger totals for districts and the counties in our circulation area, around 11 counties all told.

It took all night, and at the end of that process the county totals and the newsroom totals needed to be really close, like right on the money. And this was back in the days when elections were famously not that clean here.

Anyway, counting and adding seems to be foolproof, and very difficult to hack. Even if you don’t use scanners to add things up. Why make it both more diffcult, less transparent, and completely not-auditable? So it’s easier to cheat is the only reason my systems analyst mind ever came up with.

@Adam L Silverman:
I still believe that the test case for 2016 was the state elections in Kansas. The ‘ results’ never added up to pre-election polling. Had suppressive voter ID laws that could be the scapegoat to ” Understanding” how the polls could be wrong.

We are in a very strange spot as a country. Some states are improving things like motor-voter, automatic registration, etc, and some states have excellent SOSs and paper ballots and post-election audits.

And others (is it still 15?) have touchscreen voting with no receipt and dubious ‘recount’ process. I know a good system because we have one in MN – but only because voters pay attention. We had a pretty well contested election for SOS last time. The GOP is hot to fvk up Minnesota’s quality elections.

I am pretty confident Steve Simon is busy at work on data protections.

Last Wednesday, senior FBI and national intelligence officials relayed an urgent message to the White House: Information being sought by House Intelligence Committee Chairman Devin Nunes could endanger a top-secret intelligence source.

Top White House officials, with the assent of President Trump, agreed to back the decision to withhold the information. They were persuaded that turning over Justice Department documents could risk lives by potentially exposing the source, a U.S. citizen who has provided intelligence to the CIA and FBI, according to multiple people familiar with the discussion and the person’s role.

The showdown marked a rare moment of alignment between the Justice Department and Trump, who has relentlessly criticized Attorney General Jeff Sessions and other top Justice officials for the probe into Russia’s interference in the 2016 election led by special counsel Robert S. Mueller III.

But it is unclear whether Trump was alerted to a key fact — that information developed by the intelligence source had been provided to the Mueller investigation.

The debate over the risk to the source is now at the center of a pitched battle between House Republicans and the Justice Department.

After the White House sided with the department’s decision to refuse the request, Nunes (R-Calif.) publicly vented his frustration, saying Sunday that he may try to hold Sessions in contempt for refusing to comply. He said that his classified-document request and subsequent subpoena to the Justice Department did not refer to an individual.

“They are citing spurious national security concerns to evade congressional oversight while leaking information to The Washington Post ostensibly about classified meetings,” he said in a statement to The Post. “Congress has a right and a duty to get this information and we will succeed in getting this information, regardless of whatever fantastic stories the DOJ and FBI spin to the Post.”

Several administration officials said they fear Trump may reverse course and support Nunes’s argument.

White House officials did not respond to requests for comment.

For the intelligence agencies, Nunes’s request threatened to cross a red line of compromising sources and methods of U.S. intelligence-gathering, according to people familiar with their views. Intelligence officials fear that providing even a redacted version of the information Nunes seeks could expose that person and damage relationships with other countries that serve as U.S. intelligence partners.

The role of the intelligence source in the Mueller investigation may now be seized upon by conservative Republicans who have publicly accused the Justice Department and intelligence agencies of overreach and misuse of their surveillance powers.

During a meeting at the White House last Wednesday, senior FBI and intelligence officials told Chief of Staff John F. Kelly that turning over the information could contradict years of policy about protecting intelligence sources, according to three people familiar with the matter. The people who described the meeting include those who support the release of the information and those opposed to it.

Kelly then consulted with Trump, who agreed it was important to protect intelligence sources, according to a person with knowledge of the conversation.

Assistant Attorney General Stephen E. Boyd laid out those concerns to Nunes in a letter the following day, noting that the department made the decision after “consultations” with the White House and intelligence agencies.

“Disclosure of responsive information to such requests can risk severe consequences including potential loss of human lives, damage to relationships with valued international partners, compromise of ongoing criminal investigations, and interference with intelligence activities,” Boyd wrote.

Nunes told reporters Monday that the Justice Department’s stance was “awfully suspicious,” suggesting that the White House did not share the department’s concerns.

“The word that comes to me is obfuscation,” he said.

On Tuesday, House Speaker Paul D. Ryan (R.-Wis.) said he had not discussed the matter with Nunes but added that he expected congressional subpoenas to be enforced.

I’m actually sitting in the lobby of the center waiting for them to bring me a CD of the scan so I can bring it to my doctor. It was short and boring, unlike the dental CT I got a couple of years ago. With that one, the machine played “Moonlight Sonata” while it was scanning me. 😂

Repost from dying thread: @Adam L Silverman: No need for the Bears to get too Fancy.
Just change enough details on a few thousand registrations so it clashes with Crosscheck in about 4 states-say Pennsylvania, Wisconsin, Michigan and Floriduh and there you go.

@Mnemosyne: I was originally going to do the e-port, but when I took my research methods class that focused on history, I came up with an idea for a thesis on Vivian Harsh, the first African American and the first woman to head a Chicago Public Library branch back in 1932. I just have to manage the anxiety enough to submit the proposal, which has been difficult this semester. I’ve got health insurance again, though, so hopefully once I’m back on my meds, I’ll be able to move forward.

That sounds really cool! Chicago is very proud of its history, so you should be able to find a lot of people willing to help you out. Chicagoans as a whole are much nicer than New Yorkers or Angelenos.

@Mnemosyne: :D I’m from Chicago, which is what first drew me to this topic. Harsh’s archives and papers are at the Woodson Regional Library on 95th and Halsted, where I used to do research back in high school.

I forgot that about you. 😳 I’m from the North Shore, so I usually try to say “near Chicago” so people stop asking me if I know their cousin who lives in Centralia. Illinois is a big state, y’all, so, no, I don’t.

“non-partisan observers should be present during all voting and tallying and reporting of the vote totals” Agreed.

Got another ribbon yesterday, “County Board of Elections / Election Official / District Board Worker”. We’re supposed to be there at 5:15 AM to get things ready for polls to open at 6, check and sign the results after the polls close at 8 PM, and straighten up so firemen can put their engine inside again. Also supposed to attend a two-hour training class every two years.

Is difficult finding people for this, even in NJ where ‘district board workers’ get paid $200 for the day. Finding ‘non-partisan people’ who’re willing to spend Election Day in polling places, in the company of partisan folk checking vote totals and which of their voters needs rides or kid minders, visits from elected officials and candidates and reporters – if you know of any such nonpartisan people, mayhaps we can have them cloned ;-)

And early voting and extended voting hours will put more demands on the diligent and public-spirited people whom you want doing this. (I’m not one of them, I just need the $$$)

I’ve quite often said “All problems are solvable – all you need are time, money, and competent and dedicated people. But don’t construct solutions assuming that the third of these is an unlimited costless resource.”

I’m going to hit ‘post comment’ here even tho I ain’t had my second cuppa, Apologies to Mr. Silverman, whom I respect, if this is a rant, wanted to get it off my chest while fresh…

@Kraux Pas: I’m late to the thread & I’ll answer this without reading the thread.

This news about access to voter rolls is not exactly new news. We had reports right after the election and I had several conversations about it.

At least in Texas you are not turned away. What they do is if you are not on the roll (or have any sort of issue) you get to cast a provisional ballot. Then if the race is close they start looking at those provisional ballots. They check to see if you are actually a valid voter and then count your vote. If they decide you are not a valid voter they don’t count your vote and they do not notify you.

In every single election I’ve seen someone have an issue at the ballot box. So someone might go ahead and cast that vote and then never find out if it was counted or not.